package com.wyj.wuliwuli.service.impl;

import com.alibaba.fastjson.JSONObject;
import com.auth0.jwt.exceptions.TokenExpiredException;
import com.wyj.wuliwuli.common.AjaxRequest;
import com.wyj.wuliwuli.common.AjaxResult;
import com.wyj.wuliwuli.common.ResultFactory;
import com.wyj.wuliwuli.controller.request.LoginRequest;
import com.wyj.wuliwuli.entity.WuliUser;
import com.wyj.wuliwuli.service.LoginService;
import com.wyj.wuliwuli.service.WuliUserService;
import com.wyj.wuliwuli.utils.JWTUtil;
import com.wyj.wuliwuli.utils.StringUtils;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.DigestUtils;
import org.springframework.web.util.HtmlUtils;

/**
 * @Author wyj
 * @version 1.0
 * @date 2022/2/15 11:25
 * @description
 */

@RequiredArgsConstructor
@Service
@Transactional
public class LoginServiceImpl implements LoginService {

    private final WuliUserService wuliUserService;


    @Override
    public AjaxResult auth(AjaxRequest<LoginRequest> ajaxRequest) throws Exception {
        LoginRequest params = ajaxRequest.getData();
        // 对 html 标签进行转义，防止 XSS 攻击
        String username = params.getUsername();
        String password = params.getPassword();
        username = HtmlUtils.htmlEscape(username);
        WuliUser wuliUser = wuliUserService.getByUsername(username);
        if(null == wuliUser) {
            // throw new LoginException("账号或密码不正确");
            return ResultFactory.buildFailResult("账号或密码不正确");
        }
        password = password + wuliUser.getSalt();
        if(!wuliUser.getPassword().equals(DigestUtils.md5DigestAsHex(password.getBytes()))) {
            // throw new LoginException("账号或密码不正确");
            return ResultFactory.buildFailResult("账号或密码不正确");
        }
        // 生成token
        String accessToken = JWTUtil.accessToken(wuliUser.getUsername());
        String refreshToken = JWTUtil.refreshToken(wuliUser.getUsername());
        JSONObject data = new JSONObject();
        data.put("accessToken", accessToken);
        data.put("refreshToken", refreshToken);
        data.put("user", wuliUser);
        AjaxResult ajaxResult = ResultFactory.buildSuccessResult();
        ajaxResult.setData(data);
        return ajaxResult;

    }


    @Override
    public AjaxResult refreshToken(AjaxRequest<JSONObject> ajaxRequest) throws Exception {
        JSONObject json = ajaxRequest.getData();
        if(null == json || StringUtils.isBlank(json.getString("refreshToken"))) {
            throw new TokenExpiredException("未获取到refreshToken");
        }
        String refreshToken = json.getString("refreshToken");
        String key = JWTUtil.getKey(refreshToken);
        JWTUtil.verifyRefreshToken(refreshToken, key);
        JSONObject result = new JSONObject();
        result.put("accessToken", JWTUtil.accessToken(key));
        result.put("refreshToken", JWTUtil.refreshToken(key));

        AjaxResult ajaxResult = ResultFactory.buildSuccessResult();
        ajaxResult.setData(result);

        return ajaxResult;
    }
}
